5 matches found
[eVuln] Null news SQL Injection Vulnerability
New eVuln Advisory: Null news SQL Injection Vulnerability http://evuln.com/vulns/109/summary.html --------------------Summary---------------- eVuln ID: EV0109 CVE: CVE-2006-1534 Software: Null news Sowtware's Web Site: http://nullbranded.tk/ Versions: 2005.07.27 Critical Level: Moderate Type: SQL...
CVE-2006-1534
Multiple SQL injection vulnerabilities in Null news allow remote attackers to execute arbitrary SQL commands via 1 the useremail parameter in a lostpass.php, and the 2 useremail and 3 userusername parameters in b sub.php and c unsub.php...
Sql injection
Multiple SQL injection vulnerabilities in Null news allow remote attackers to execute arbitrary SQL commands via 1 the useremail parameter in a lostpass.php, and the 2 useremail and 3 userusername parameters in b sub.php and c unsub.php...
CVE-2006-1534
Multiple SQL injection vulnerabilities in Null news allow remote attackers to execute arbitrary SQL commands via 1 the useremail parameter in a lostpass.php, and the 2 useremail and 3 userusername parameters in b sub.php and c unsub.php...
CVE-2006-1534
Null news suffers SQL Injection vulnerabilities (CVE-2006-1534). The affected scripts are lostpass.php (parameter: user_email) and sub.php/unsub.php (parameters: user_email and user_username). The root cause is improper sanitization of these inputs, allowing remote attackers to execute arbitrary ...